Steven Chamberlain

**Name of the Vulnerable Software and Affected Versions** Balabit syslog-ng versions 2.0, 3.0, 3.1, 3.2 OSE and PE **Description** The issue is related to improper cast operations when running on certain operating systems, resulting in the creation of log files with insecure permissions. This allows local users to read and write to these log files. **Recommendations** For Balabit syslog-ng versions 2.0, 3.0, 3.1, 3.2 OSE and PE, consider changing the default permissions to a more secure setting to prevent unauthorized access to log files.